International Journal of Information Security
Volume:5 Issue: 1, Jan 2013

This paper investigates digital data hiding schemes. The concept of information hiding will be explained at first، and its traits، requirements، and applications will be described subsequently. In order to design a digital data hiding system، one should first become familiar with the concepts and criteria of information hiding. Having knowledge about the host signal، which may be audio، image، or video and the final receiver، which is Human Auditory System (HAS) or Human Visual System (HVS)، is also beneficial. For the speech/audio case، HAS will be briefly reviewed to find out how to make the most of its weaknesses for embedding as much data as possible. The same discussion also holds for the image watermarking. Although several audio and image data hiding schemes have been proposed so far، they can be divided into a few categories. Hence، conventionalschemes along with their recently published extensions are introduced. Besides، a general comparison is made among these methods leading researchers/designers to choose the appropriate schemes based on their applications. Regarding the old scenario of the prisoner-warden and the evil intention of the warden to eavesdrop and/or destroy the data that Alice sends to Bob، there are both intentional and unintentional attacks to digital information hiding systems، which have the same effect based on our definition. These attacks can also be considered for testing the performance or benchmarking، of the watermarking algorithm. They are also known as steganalysis methods which will be discussed at the end of the paper.

In this paper, a new broadcast encryption scheme is presented based on threshold secret sharing and secure multiparty computation. This scheme is maintained to be dynamic in that a broadcaster can broadcast a message to any of the dynamic groups of users in the system and it is also fair in the sense that no cheater is able to gain an unfair advantage over other users.Another important feature of our scheme is collusion resistance. Using secure multiparty computation, a traitor needs k cooperators in order to create a decryption machine. The broadcaster can choose the value of k as he decides to make a trade-o between communication complexity and collusion resistance. Comparison with other Broadcast Encryption schemes indicates enhanced performance and complexity on the part of the proposed scheme (in terms of message encryption and decryption, key storage requirements, and ciphertext size) relative to similar schemes. In addition, the scheme is modeled using applied pi calculus and its security is veried by means of an automated verication tool, i.e., ProVerif.

Key agreement protocols are essential for secure communications in open and distributed environments. Recently identity-based key agreement protocols have been increasingly researched because of the simplicity of a public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is generated by a trusted Private Key Generator (PKG). However, it is unrealistic to assume that a single PKG will be responsible for issuingprivate keys to members of dierent organizations or a large-scale nation, so it is needed to consider multiple PKG environments with dierent system parameters. In this paper, we propose an identity-based key agreement protocol among users of dierent networks with independent PKGs, which makes use of elliptic curves. We prove the security of the proposed protocol in the random oracle model and show that all security attributes are satised. We also demonstrate a comparison between our protocol and some related protocols in terms of the communication costs and the execution time. The results show that the execution time of our protocol is less than 10%, and its communication costs are about 50% of the competitor protocols.

To control the exponential growth of malware files, security analysts pursue dynamic approaches thatautomatically identify and analyze malicious software samples. Obfuscation and polymorphism employedby malware make it difficult for signature-based systems to detect sophisticated malware files, the dynamicanalysis or run-time behavior provides a better technique for identifying the threat.In this paper, a dynamic approach for extracting features from binaries is proposed. Run-timebehavior of the binary files were found and recorded in a controlled environment tool developed in-house.The approach based on DyVSoR assumes that run-time behavior of each binary can be represented by thevalues of registers contents. A method to compute the similarity between two binaries based on their registersvalue sets is presented. To do, registers values are traced before and after invoked API calls in eachbinary and mapped to some vectors. To detect an unknown file, it is enough to compare it with datasetbinaries by computing the distance between registers content of this file and all binaries. This methodcould detect malicious samples with 96.1% accuracy and 4% false positive. List of execution traces anddataset can be found at: http://home.shirazu.ac.ir/~sami/malware.

The present paper is intended to present a robust multiplicative video watermarking scheme. In this regard, the video signal is segmented into 3-D blocks like cubes, and then, the 3-D wavelet transform is applied to each block. The low frequency components of the wavelet coefficients are then used for data embedding to make the process robust against both malicious and unintentional attacks. The hidden message is inserted through multiplying/dividing these coefficients by a constant parameter which controls the power of the watermark.The watermark extraction relies on a maximum likelihood based procedure, observing the distribution of the watermarked coefficients. The performance of the proposed scheme has been verified via simulations and found to be superior to some of the well-known existing video watermarking methods.

The present paper is aimed at introducing a new algorithm for image encryption using chaotic tent maps and the desired key image. This algorithm consists of two parts, the first of which working in the frequency domain and the second, in the time domain. In the frequency domain, a desired key image is used and a random number is generated, using the chaotic tent map, in order to change the phase of the plain image. This change in the frequency domain causes changes in the pixels value and shuffles the pixels location in the time domain. Finally,in the time domain, a pseudo random image is produced using a chaotic tent map, to be combined to the image generated through the first step, and thus the final encrypted image is created. A computer simulation is also utilized to evaluate the proposed algorithm and to compare its results to images encrypted by other methods. The criteria for these comparisons are chi square test of histogram, correlation coefficients of pixels, NPCR (number of pixel change rate), UACI (unified average changing intensity), MSE (mean square error) and MAE (mean absolute error), key space, and sensitivity to initial condition. These comparisons revealed that the proposed chaotic image encryption method shows a higher performance and is of more security.